Closed samerda75 closed 3 years ago
mmmh this is puzzling, since the library does a couple of POSTS via Ajax, and in both cases CSRF token in correctly sent:
file ajax_datatable/static/ajax_datatable/js/utils.js
(line 341):
$.ajax({
type: 'POST',
url: url,
data: data,
dataType: 'json',
headers: {'X-CSRFToken': getCookie('csrftoken')}
}).done(function(data, textStatus, jqXHR) {
file ajax_datatable/static/ajax_datatable/js/utils.js
(line 398):
$.ajax({
type: 'POST',
url: url,
data: data,
dataType: 'json',
cache: false,
crossDomain: false,
headers: {'X-CSRFToken': getCookie('csrftoken')}
}).done(function(data, textStatus, jqXHR) {
where:
function getCookie(name) {
var value = '; ' + document.cookie,
parts = value.split('; ' + name + '=');
if (parts.length == 2) return parts.pop().split(';').shift();
}
so there is no need to supply it to AjaxDatatableViewUtils.initialize_table()
mmmh this is puzzling, since the library does a couple of POSTS via Ajax, and in both cases CSRF token in correctly sent:
file
ajax_datatable/static/ajax_datatable/js/utils.js
(line 341):$.ajax({ type: 'POST', url: url, data: data, dataType: 'json', headers: {'X-CSRFToken': getCookie('csrftoken')} }).done(function(data, textStatus, jqXHR) {
file
ajax_datatable/static/ajax_datatable/js/utils.js
(line 398):$.ajax({ type: 'POST', url: url, data: data, dataType: 'json', cache: false, crossDomain: false, headers: {'X-CSRFToken': getCookie('csrftoken')} }).done(function(data, textStatus, jqXHR) {
where:
function getCookie(name) { var value = '; ' + document.cookie, parts = value.split('; ' + name + '='); if (parts.length == 2) return parts.pop().split(';').shift(); }
so there is no need to supply it to AjaxDatatableViewUtils.initialize_table()
Thank you for your support
You're welcome.
I just added an example showing how to add a column with a button; this should be done python-side rather then javascript-side:
https://github.com/morlandi/django-ajax-datatable#81adding-a-button-for-editing
I will close this issue; feel free to open a new one in case
It appears that it doesn't really work. I checked the request header and it is not showing 'X-CSRFToken' at all. It didn't work in both Safari and Firefox, so it's not the browser. The csrftoken cookie is set but the script is not passing that header for some reason. So I had to add csrfmiddlewaretoken in the extra_field to make it work.
@shuki25 I do believe it does. Could you please check on the demo site http://django-ajax-datatable-demo.brainstorm.it/tracks/ ?
@morlandi I'm opening up a new issue, I figure out what went wrong and you might want to figure out an alternative method.
i am using Django with the but i am always getting this error Forbidden (CSRF token missing or incorrect.)
i have tried to include the token within the AjaxDatatableViewUtils.initialize_table but not failed to do so can you please advice i am using the below script